PRIVACY NOTICE

Dear Visitor!

 

Welcome on our website! First of all, let us thank you for your visit to our gyulaimemorial.hu website operated by Élményliget Kft.

 

Élményliget Kft. gives increased emphasis to the protection of your personal data. Therefore, we try to give you wide information about the data processing of Élményliget Kft. (hereinafter referred to as: Élményliget Kft. or Controller) in a clear, transparent and intelligible way.

 

This Privacy Notice regarding the operation of www.gyulaimemorial.hu webpage (hereinafter referred to as: Webpage) was made by Élményliget Kft. in compliance with and in consideration to the regulations of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as: GDPR) which is to be applied from 25 May 2018 and Act CXII of 2011 on Information Self-determination and Freedom of Information (hereinafter referred to as: Infotv.)

 

As the internet and the laws, regulations are changing, improving from time to time, we must also modify this Privacy Notice from time to time. We reserve the right to the unilateral modification, amendment of this Privacy Notice if it is necessary.

 

Élményliget Kft. processes those personal data which have been given voluntarily by third people (hereinafter referred to as: User or Users) and in compliance with the principles of data protection and data processing.

 

  1. Legal basis and purpose of data processing

 

On the Webpage, Users may give personal data to the Controller in connection with the use of the Webpage, as - by visiting respectively by the usage of any of the Webpage – the Users may give information, data regarding them (anonymous data collection).

 

    1. Anonymous data collection and processing

 

Should the User visit any part of the Webpage, no personal data of the User is collected or processed by the Controller, based on which data the User could be personally identified. During the anonymous data processing only the following data is collected and processed: name of internet-provider, IP-address, the name of the webpage from which the User visited our Webpage, name of the webpage which the User visited after our Webpage.

 

Therefore, you may use our Webpage without the disclosure of any personal data. Using of our Webpage does not depend on providing personal data, except if personal data is required in order to fulfill your requests, as well as to provide more information requested by the User.

 

When you visit and use our Webpage, we store different data on our servers due to security reasons. These data may be suitable for your identification, however, we do not use them for such purpose. From time to time, we use these data for statistical purposes, but we keep the anonymity of the users, thus the person cannot be identified. We ensure the observation of the data protection rules by proper technical and organizational means, if we give these data to co-workers within Élményliget Kft.

 

By visiting our Webpage, you give your consent to the Controller to the process of data, information stated in this section, moreover to the application of cookies which are needed for the collection of these data. These data, information shall not be connected with other personal user data, the User cannot be identified based on these data, information. Only the Controller has right to access these data, information.

 

The primary purpose of the process of such data is the proper, safe and smooth operation of the Webpage. For the sake of this purpose it is necessary to track visitor data and to defecate the abuses in connection with the usage of the webpage. The legal bases of the anonymous data processing is section (1) f) of Article 6. of GDPR, namely the legitimate interest of Élményliget Kft.

 

  1. Use of cookies

 

We use cookies on the Webpage in order to ensure your efficient webpage-use. Cookies are identifiers which can be sent by our webserver to your computer in order to identify the computer which uses the website. Most of the browsers accepts these cookies automatically as per its basic settings. Information stored in the cookies are stored on the affected computer, but they do not contain virus nor cause damages. Storage of cookies can be switched off, and you can also set in your browser to receive notification before cookies are to be stored on your computer.

We do not identify you through the cookies directly. The purpose of the use of cookies are: ensuring the optimal and user-friendly operation of the webpage, sending proposals upon request of the Users, making statistics.

As per the above, we use cookies on the Webpage based on Article 6. section (1) f) of GDPR.

 

We use the following cookies:

  1. Cookies originating from third parties:

    1. Cookies used by Google with visitor-analysis purposes (__utma, __utmb, __utmc, __utmz, PREF, NID, GAPS). Google stores these cookies in your browser for two years.

    2. Cookies used by Facebook for the use of Facebook-functions, such as like, share (datr, reg_ext_ref, reg_fb_gate, reg_fb_ref). These Cookies are stored in your browser for two years.

  2. In case of banner appearances, the identification of the user and identification of the clicks (banner), which is stored in your browser for one year.

  3. Registration cookie – Identification of the user’s activity on the webpage until registration (registration_cookie). The cookie is stored for one year.

  4. Cookies for supporting the workflow of the webpage (PHPSESSID). It is deleted when you close the browser or if you leave the webpage.

 

  1. Rights of the Users, as data subjects

 

You, as User (data subject) have the following rights:

 

  1. Right for information, right of access

The data subject has the right to ask for information from the Controller about his/her data processed by the Controller for free of charge.

This means that the data subject has the right to obtain from the Controller confirmation as to whether or not personal data concerning him/her are being processed, and, where that is the case, access to the personal data and the following information:

  • the purposes of the processing,

  • the categories of personal data concerned,

  • the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations,

  • the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period,

  • the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing,

  • the right to lodge a complaint with a supervisory authority,

  • where the personal data are not collected from the data subject, any available information as to their source,

  • the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

 

  1. Right to rectification

The data subject has the right to obtain from the Controller without undue delay the rectification of inaccurate personal data concerning him/her. Taking into account the purposes of the processing, the data subject has the right to have incomplete personal data completed, including by means of providing a supplementary statement.

 

  1. Right to erasure, right to be forgotten

The data subject has the right to obtain from the Controller the erasure of personal data concerning him/her without undue delay and the Controller has the obligation to erase personal data without undue delay where one of the following grounds applies:

    • the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed,

    • the data subject withdraws consent on which the processing is based according to point (a) of Article 6(1) of GDPR, or point (a) of Article 9(2) of GDPR, and where there is no other legal ground for the processing,

    • the data subject objects to the processing pursuant to Article 21(1) and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) of GDPR,

    • the personal data have been unlawfully processed,

    • the personal data have to be erased for compliance with a legal obligation,

    • the personal data have been collected in relation to the offer of information society services referred to in Article 8(1) of GDPR.

If the Controller has made the personal data public and is obliged pursuant to erase the personal data, the Controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

 

  1. Right to restriction of processing

The data subject has the right to obtain from the Controller restriction of processing where one of the following applies:

    • the accuracy of the personal data is contested by the data subject, for a period enabling the Controller to verify the accuracy of the personal data;

    • the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;

    • the Controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims;

    • the data subject has objected to processing pursuant to Article 21(1) of GDPR pending the verification whether the legitimate grounds of the Controller override those of the data subject.

A data subject who has obtained restriction of processing, shall be informed by the Controller before the restriction of processing is lifted.

 

  1. Right to data portability

The data subject has the right to receive the personal data concerning him/her, which he/she has provided to the Controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the Controller to which the personal data have been provided, where:

  • the processing is based on consent pursuant to point (a) of Article 6(1) of GDPR or point (a) of Article 9(2) of GDPR or on a contract pursuant to point (b) of Article 6(1) of GDPR; and

  • the processing is carried out by automated means.

In exercising his/her right to data portability, the data subject shall have the right to have the personal data transmitted directly from one controller to another, where technically feasible.

 

  1. Right to object

The data subject has the right to object, on grounds relating to his/her particular situation, at any time to processing of personal data concerning him/her which is based on point (e) or (f) of Article 6(1) of GDPR, including profiling based on those provisions.

Should the data subject object to processing of personal data concerning him/her, the Controller shall no longer process the personal data unless the Controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims.

 

Exercise of the rights

If you wish to exercise any of your rights, namely if you wish to ask for information, to access any of your personal data processed by the Controller, wish the rectification, erasure or restriction of data processing, or wish to obtain to the data processing, then you may exercise the right via a written request in English. The request shall be sent to the Controller via post or e-mail.

 

The Controller shall provide information in writing (via mail or via e-mail) on action taken on your request to you without undue delay and in any event within 30 days of receipt of the request. That period may be extended by 60 further days where necessary, taking into account the complexity and number of the requests. The Controller shall inform you of any such extension within 30 days of receipt of the request in writing (via mail or via e-mail), together with the reasons for the delay.

If you make your request by electronic form means, the information shall be provided by electronic means where possible, unless otherwise requested by you.

Upon your request, the information may be provided orally, provided that your identity is proven by other means.

 

Information and any communication and any actions shall be provided and taken free of charge. Should your request manifestly be unfounded or excessive, in particular because of their repetitive character, the Controller may – taking into account the administrative costs of providing the information or communication or taking the action requested – either:

  • charge a reasonable fee, or

  • refuse to act on the request.

If the Controller has reasonable doubts concerning the identity of the natural person making the request, the Controller may request the provision of additional information necessary to confirm the identity of the data subject.

 

Remedy

Should the Controller or any co-worker violate your right, as data subject for the protection of personal data, we kindly ask you to contact us in order to provide remedy for the problem.

In the event if you do not agree with the procedure of the Controller (processing, giving information, deny of request regarding rectification, erasure or restriction), believe that the Controller did not take the proper actions as requested by you, then you may lodge a complaint with the Hungarian National Authority for Data Protection and Freedom of Information or may seek judicial remedy at the courts of Hungary in accordance with the laws of Hungary.

Hungarian National Authority for Data Protection and Freedom of Information

seat: 1125 Budapest, Szilágyi Erzsébet fasor 22/c.

postal address: 1530 Budapest, Pf.: 5

telephone: 06 -1- 391-1400

telefax: 06-1-391-1410

e-mail: ugyfelszolgalat@naih.hu

webpage: www.naih.hu

 

  1. The period of data processing

 

The data processing of Élményliget Kft. based on the User’s voluntary information retrieval and based on the User’s expressed, voluntary and previous consent given after and based on information about the details and ways of data processing is processed by Élményliget Kft. until the withdrawal of such consent, respectively until the termination of the purpose of the data processing stated in this Privacy Notice. The use of the User’s data is considered permanent until the User does not request the deletion of such data from the records.

 

  1. Security

 

The Controller implements technical and organizational measure to protect the data subjects’ personal data from modification, harm, erasure, deletion and from access of unauthorized persons. All personal data provided to the Controller will be encrypted upon data transfer in order to prevent, hinder any possible abuse by any third person. The Controller regularly tests and evaluates the effectiveness of security measures to be in compliance with the technical developments.

 

  1. Data processor

 

Anonymous data in connection with the Webpage, and the personal data is processed by our hosting-provider.

Hosting-provider: Webpont Informatikai Kft.

seat: 1123 Budapest, Alkotás utca 44.

e-mail: server@webpont.hu

 

  1. Protection of minors under 16

 

Services of the Webpage may be used by minors under 16. The processing of personal data of a minor under 16 shall be lawful only if and to the extent that consent is given or authorized by the holder of parental responsibility over the minor.

As per the law, if a minor is 16-years old, his/her consent shall be considered valid without consent or approval of the holder of parental responsibility.

 

  1. Contact details

 

Should you have any questions, proposals, requests, we kindly ask you to contact Élményliget Kft. at our e-mail address or any other contact provided on our website.

Should you have any questions for which the answer is not clear after reading this Privacy Notice, please do not hesitate to contact us.

 

  1. Controller

 

Élményliget Szabadidős Programszervező Korlátolt Felelősségű Társaság

abbreviated name: Élményliget Kft.

seat: 1121 Budapest, Mártonhegyi út 31/C B2. ép. földszint 2.

company registration number: 01-09-871137

court of registration: Budapest-Capital Regional Court

tax number: 13747466-2-43

representative: Somogyi János, managing director

 

Contact details of the controller:

Postal address: 1535 Budapest, PF. 797

E-mail: elmenyliget2006@gmail.com